Forums

The forums ran from 2008-2020 and are now closed and viewable here as an archive.

Ajax contact form

  • #175734
    misterjuli
    Participant

    Hello, I wrote a PHP script for a contact form.
    I’d like the messages to come to my email.
    When I uploaded the whole website to a host, the contact form does not work.
    I have changed the default email to my email.
    Please tell me if you know what I have to do.
    Please check the script below. Thanks

    <?php
    // Read the submitted form fields
    $name = $_POST['name'];
    $email = $_POST['email'];
    $compagny = $_POST['compagny'];
    $message = $_POST['message'];

    // Validate first
    if (empty($name) || empty($email) || empty($message)) {
        // Send the redirect header before any output, then stop
        header('Location: index.html');
        exit('Name and email and message are required !');
    }
    // Validate against any email injection attempts
    if (IsInjected($email)) {
        header('Location: index.html');
        exit('Bad email value!');
    }

    // Build the message body
    $msg = " Name : $name \r\n";
    $msg .= " Email: $email \r\n";
    $msg .= " Compagny: $compagny \r\n";
    $msg .= " Message : " . stripslashes($_POST['message']) . "\r\n\n";
    $msg .= "User information \r\n";
    $msg .= "User IP : " . $_SERVER["REMOTE_ADDR"] . "\r\n";
    $msg .= "Browser info : " . $_SERVER["HTTP_USER_AGENT"] . "\r\n";
    $msg .= "User come from : " . $_SERVER["SERVER_NAME"];

    $recipient = "[email protected]"; // Change the recipient email address to your address
    $sujet = "Sender information";
    // The submitted address is placed directly into the mail headers
    $mailheaders = "From: $email\r\nReply-To: $email\r\nReturn-Path: $email\r\n";
    // mail() returns true if the message was accepted for delivery, false otherwise
    $ok = mail($recipient, $sujet, $msg, $mailheaders);

    if ($ok) {
        header('Location: index.html');
        exit;
    } else {
        header('Location: index.html');
        exit('Name and email are required !');
    }

    // Function to validate against any email injection attempts
    function IsInjected($str)
    {
        $injections = array('(\n+)',
            '(\r+)',
            '(\t+)',
            '(%0A+)',
            '(%0D+)',
            '(%08+)',
            '(%09+)'
        );
        $inject = join('|', $injections);
        $inject = "/$inject/i";
        if (preg_match($inject, $str)) {
            return true;
        } else {
            return false;
        }
    }

    ?>

    #175747
    __
    Participant

    Please do not “dump” your code on the forums. It is very difficult to read through, and it is not reasonable to expect people to sort through it. Smaller amounts are fine, but when you need to share an entire script, it is best to use a service like pastebin or make a gist on github.

    the contact form does not work.

    This is useless information: it does not help anyone figure out what might be wrong. How does it “not work”? What actually happens when you try it out? error messages? blank page? submits, but doesn’t do anything afterwards? everything appears to work, but no email arrives? Please be as specific as possible, and we’ll have a better chance at helping you.

    #175814
    misterjuli
    Participant

    Hello,
    I apologize for that. I’m new to web design, and also to this forum.
    Thanks for your guidance on the best way to settle my problems.

    Best Regards,
    July

    #175835
    __
    Participant

    No problem at all.

    Can you tell us more about your problem? What actually happens when you try to use the contact form?

    #175901
    misterjuli
    Participant

    The problem is that the contact form does not send the message to my email.
    But sometimes it is sent; I don’t understand why that happens.
    When it is sent to my email, the message appears in the spam section.
    That’s it.

    Thanks

    #175945
    __
    Participant

    Well, one possibility is that the message is being flagged as spam during delivery and discarded. You’re using the submitted email address in the From and Reply-To headers: it’s a big “red flag” if the domain name on that email doesn’t match the domain the message was sent from.

    Try adding a Sender header, using an email address from your domain (it doesn’t have to be a “real” address; it could be a “no reply” address).

    Also,

    $email = $_POST['email'];

    $mailheaders = "From: $email\r\n

    This is very dangerous. This code allows a kind of attack called Header Injection. You need to validate user input — in this case, that $_POST['email'] really is a single email address (and not a list of email addresses and/or other email headers). This is a very common way of using website contact forms as spam servers. It can cause problems for you, as well: it can get your email server blacklisted, get your hosting account flagged, cancelled, or overcharged.

    The simplest way to validate an email address is using the filter_var function:

    $email = filter_var( $_POST['email'], FILTER_VALIDATE_EMAIL );
    if( ! $email ){
        /*  $_POST['email'] was *not* a valid email address.
            Stop processing; do not send your email message.  */
    }
    
    #175995
    misterjuli
    Participant

    Hello un-traq-ed
    Yes, filter_var is useful. I have used it, and it works and sends quickly.
    The message can notify me to distinguish which is a spammer or not with a red alert in the spam section. But I’m still thinking how it can come to the section of primary of my email.

    Thanks for your kindness.

    #175996
    misterjuli
    Participant

    Hello Soronbe!
    Thanks for letting me know about that.
    But I am still confused about that.
    Can you explain that point?
    OP…. meaning ?

    #176014
    __
    Participant

    above, the OP used IsInjected

    That function checks some (not all) forms of newlines that might be used to create new headers, but it does not check for commas at all — it will not catch a spam mailing list.

    PHP’s filter_var function will cover all of those cases. And, being a native function, it is much faster.

    I’m still thinking how it can come to the section of primary of my email.

    Have you tried adding a Sender header, as I suggested above?
    Your message is most likely being flagged as spam during delivery between MTAs.

    OP…. meaning ?

    “OP” refers to the “Original Post,” or in this case, “Original Poster,” i.e., you.
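
The two checks compared in this thread, the OP's IsInjected and filter_var, run side by side on constructed inputs, with the Sender header suggested above added once the address validates. This is an added example, not code from the thread; buildHeaders, the sample addresses and no-reply@example.com are assumptions.

```php
<?php
// Added example, not from the thread. All addresses below are constructed.

// The OP's check as posted: it looks for newline and tab forms only.
function IsInjected($str)
{
    $injections = array('(\n+)', '(\r+)', '(\t+)', '(%0A+)', '(%0D+)', '(%08+)', '(%09+)');
    return (bool) preg_match('/' . join('|', $injections) . '/i', $str);
}

// Hypothetical helper: build the headers only from a single validated address.
// $siteAddress stands for an address on the sending domain (assumed value).
function buildHeaders($submitted, $siteAddress = 'no-reply@example.com')
{
    $email = filter_var($submitted, FILTER_VALIDATE_EMAIL);
    if ($email === false) {
        return null; // not one valid address: the caller must not call mail()
    }
    return "From: $email\r\n"
         . "Reply-To: $email\r\n"
         . "Sender: $siteAddress\r\n";
}

// Constructed inputs: one address, a comma-separated list, an extra header line.
$samples = array(
    'single address' => 'alice@example.com',
    'comma list'     => 'alice@example.com, bob@example.net',
    'extra header'   => "alice@example.com\r\nBcc: bob@example.net",
);

foreach ($samples as $label => $value) {
    printf(
        "%-15s IsInjected=%-5s filter_var=%s\n",
        $label,
        var_export(IsInjected($value), true),
        buildHeaders($value) === null ? 'rejected' : 'accepted'
    );
}
```

The comma list is the case that separates the two checks: IsInjected returns false for it, while filter_var rejects it because it is not a single address.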

    #176275
    misterjuli
    Participant

    Hello un-traq-ed,

    Yes, I’ve tried to change the sender.
    But it’s still the same.
    I think it’s good enough that at least the contact form works fine.

    Thank you very much.

    #176341
    __
    Participant

    You’re welcome.

    Yes, I’ve tried to change the sender.

    Just to clarify, you have tried adding a “Sender” header to the email (whereas “tried to change the sender” might only mean using a different email address in the From header)?

    Just want to make sure we’re on the same page.

    #177073
    misterjuli
    Participant

    Hello un-traq-ed,
    I’m back.
    Yes, I mean the adding.
    Finally, I’d just like to thank you for it. I’m so glad to have a person who’s willing to share their knowledge in my case.
    If it’s possible, could I know more about you?

    Best regards,

    Juli

    #177120
    __
    Participant

    Yes, I mean the adding.

    …and did it work?

    #177416
    misterjuli
    Participant

    Yes, it worked.
    Thanks

    #177425
    __
    Participant

    Awesome, glad to hear it!

  • The forum ‘Back End’ is closed to new topics and replies.